Hello there! This is my problem: I’m going to buy a new smartphone, and I’d really like to degoogle myself as much as possible. The idea would be to buy a device compatible with LineageOS, but… Supported devices are usually older models, and often there are newer devices with better specs for the same price, that does not support lineageOS. Is seems a shame to buy a device with lower specs than another one just because of software compatibility. So the alternative would be to buy an unsupported device, unlock the bootloader and debloat it as much as possible, flash privileged fdroid and aurora store on it, install microg, etc… What do you suggest me to do? Is the second alternative a viable option? What other steps should I do if I decide to go that way?
Thanks in advance folks!
Edit:
Thanks to anyone for the great answers! I finally decided to buy a pixel 6 (or 6 pro if I find a good deal) and install a custom ROM on it!
GrapheneOS will support it for “only” 3 more years, while other roms like lineageos or divestos will have longer support. What do you suggest? Graphene OS and when support ends switch to another one? O directly use the other one?
You must log in or # to comment.
It’s your money completely upto you choose what you think is best. Generally if you want to go the route of buying a unsupported device unlocking the bootloader etc. You gotta do your research and know what ya doing m8
If you have the money and you care about not buying or owning a Google product, and / or you care about repairability, get a FairPhone: you can install
GrapheneOS orCalyxOS on them and they too support relocking the bootloader. It’s not just Pixel phones.Bonus: they have a SD card slot, unlike Pixel phones.
They’re not the speediest or sleekest devices, but that’s not where the interest lies with Fairphone cellphones: they’re mostly designed for long life and easy maintenance, and they’re made by a cool company I want to support personally. And they’re not made by Google, so buying one won’t support Google or the Pixel ecosystem in any way.
deleted by creator
Ah yes you’re correct. I got confused.
Ironically, the best devices for degoogling are Pixels. You can unlock the bootloader very easily and then flash something like GrapheneOS or CalyxOS, and finally even relock the bootloader afterwards for security. Graphene can run google services in a sandboxed mode and Calyx has microG by default iirc.
Murena (the company behind /e/ os) also sell smartphones with /e/ os installed. They’ve also partnered with Fairphone if you’re looking for a more sustainable model. I bought the Fairphone with /e/ os a couple of months ago because I was looking for a phone with replaceable parts and it works well. They also sell some refurbished models I believe.
Murena is a weird company. I tried to purchase a cellphone directly from them a few months ago, and they have this weird system on their website that forces you to create a full-blown cloud account with them - complete with email, calendar, file transfer and all - before being able to order anything. And in fact, even after creating the account, I couldn’t even figure out how to order with my brand-spanking new murena.io email.
After fiddling with this for a while, and mostly reflecting on the fact that this company that knows absolutely nothing about me just gave me an email address and a bunch of storage for free at the click of a button, I decided this was all a little too sketchy for my taste and gave up on the whole idea. That’s not how I expect to place an order with a normal company: I expect to have a cart and do a secure pay, not go through this kind of account creating rigmarole.
So, I’m not saying Murena is a bad company. I’m saying be careful with them, because the purchasing process is highly unusual with them.
The best option would be a Pixel running GrapheneOS. If you don’t want a Pixel, a well supported device with DivestOS (look for a recent one with a relockable bootloader) would be your best option. Debloating a stock OS isn’t recommended since those apps will come back anyway should the system update. Leaving your bootloader unlocked and rooting your phone as well is detrimental to Android security. Please don’t do that. See a third party OS comparison Also see:
thanks for the answer!
Debloating a stock OS isn’t recommended since those apps will come back anyway should the system update
really? at every OS update they will be brought back? there is no way to prevent that?
Leaving your bootloader unlocked and rooting your phone as well is detrimental to Android security. Please don’t do that.
my option #2 was to unlock the bootloader only to debloat and to flash privileged apps like fdroid, and then lock it again. Would this still be dangerous?
deleted by creator
I don’t think you need a bootloader unlock for installing any apps though, isn’t fdroid just a normal app install?
I can install fdroid with low privileges, but it will ask for permission at every update and install. Installing it with elevated privileges will allow for background updates, like Google Play does
That isn’t needed anymore, I think F-Droid basic can auto-update apps now. https://f-droid.org/packages/org.fdroid.basic/
deleted by creator
Great, I’ll do this then! Thanks man
I recommend you purchase a Google Pixel 6a or above (minimum security support ends July 2027) and flash GrapheneOS. (Pixel 8/pro preferred)
Aurora Store doesn’t avoid Google since a lot of the apps from the play store include Google’s SDK and libraries. microG also doesn’t avoid Google as it is still running proprietary Google code and has more privacy/security weaknesses
Sandboxed Google Mobile Services is a much better implementation which is featured in GrapheneOS. The services are not privileged and is treated like any other app. They don’t downgrade privacy or security unlike the other alternatives.
There are much more privacy and security benefits using GOS. Here is a 3rd party comparison between different mobile OS.
microG also doesn’t avoid Google as it is still running proprietary Google code
What proprietary code?
has more privacy/security weaknesses
Source?
microG runs Google Play code just like Aurora Store. It is not fully open source. Here’s more information.. It is still connecting to Googles propriety servers.
microG requires Signature Spoofing and alternative OSes usually ship with microG as a privileged system app. This increases the attack surface as it is not confined by the regular sandbox rules.
Now you’re using a privileged component, which downloads and executes Google code in that privileged unprotected context, and which talks to Google servers because otherwise, how would FCM work for example?
Despite doing both of those things, MicroG doesn’t have the same app compatibility as Sandboxed Google Play despite the extra access it has on your device. Even in some magical universe MicroG worked without talking to Google servers or running Google code (again, in a privileged context), the apps you’re actually using it with (the apps depending on Google Play) have Google code in them.
thanks for the answer! I would gladly do this if only pixel phones had an SD card… Sadly they don’t, and I really need it, so no pixel for me :(
You can always connect a USB stick or card reader with an SD card via USB-OTG
I will recommend you do use a phone that still receives security updates (Not EoL) because I don’t want you to lose out on security just to deGoogle.
If you are strict on having an SD card slot and your phone is still receiving support, you should use StockOS to receive firmware updates as soon as possible. If the phone you decide to get is EoL, the least bad option would be DivestOS (fork of LineageOS)
